RE: Network Statistics

From: Allan Jude (937863_at_primus.ca)
Date: 05/14/03

  • Next message: Allan Jude: "RE: Network Statistics"
    To: "'PsYxAkIaS (FreeBSD)'" <freebsd@psyxakias.com>
    Date: Wed, 14 May 2003 11:46:03 -0400
    
    

    Ipband

    It's in the ports tree, it is ment to email you whenever any of your ips
    goes over a set limit (300kb/sec)
    You can change a bit of code to make it install firewall rules rather
    than email you

    -----Original Message-----
    From: owner-freebsd-isp@freebsd.org
    [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of PsYxAkIaS (FreeBSD)
    Sent: Wednesday, May 14, 2003 7:46 AM
    To: freebsd-isp@freebsd.org
    Subject: Network Statistics

    Hey all

    I am currently using tcpstat to check if I am getting attacked, tcpdump
    to trace the ips and what type of attack and ipfw firewall to block
    them. Sometimes trafshow too but on big attacks trafshow isnt helpful.

    1. Do you have any other utils than tcpdump to suggest ?

    2. I was thinking to make a script to auto-block (via ipfw firewall) any
    ip that spends 300 kb/sec for more than 1 minute. Do you know any tools
    that may show me which of my ips are getting more than 300 kb/sec? I
    hope you got my point

    Best Regards
    _______________________________________________
    freebsd-isp@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-isp
    To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"

    _______________________________________________
    freebsd-isp@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-isp
    To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"


  • Next message: Allan Jude: "RE: Network Statistics"